View all newsletters
Receive our newsletter – data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
June 14, 2022updated 15 Jun 2022 11:48am

NSO Group takeover could put Pegasus spyware in US hands

The Israeli security company could be about to be taken over, giving the US control of its powerful Pegasus spyware.

By Claudia Glover

NSO Group, developer of the controversial Pegasus spyware, is reportedly set to be acquired by US defence contractor L3 Harris Tech. An acquisition by a US company would likely bring about a fundamental shift in how Pegasus is deployed, as the popularity of spyware among governments grows.

NSO Group, developer of Pegasus spyware, is set to be acquired by US defence contractor L3 Harris Tech. (Photo by JOEL SAGET/AFP via Getty Images)

Interest in acquiring NSO has been running high since the company was blacklisted by the US government and forced to restructure its operations. But L3 Harris Tech is leading the race to acquire the company, according to a report from Intelligence Online, and a deal could be announced in the coming days.

What would NSO Group takeover mean for Pegasus?

The US government blacklisted NSO Group in November because, it said, Pegasus poses a threat to national security.

Last year a major international investigation revealed the software has been used by authoritarian regimes to spy on political opponents, activists and journalists. More recently it has been deployed against government officials in the UK and Spain, including prime minister Boris Johnson’s office.

NSO Group’s acquisition by a US-based company would limit which countries could deploy the software, which is likely to change attitudes considerably, says Aseem Prakash, global futurist at the Centre for Innovating the Future consultancy.

“A very major possibility is that Pegasus can be militarised [by the US],” he says. “Once it is militarised, countries that are aligned with the US will have probably very little problem with it. And countries that are not aligned will have to figure things out.”

The use of spyware by governments around the world is growing, according to Kaja Ciglic, senior director of digital diplomacy at Microsoft. “It’s a practice that is growing, in terms of the numbers of different actors, the numbers of different governments engaging and investing in this area, the numbers of attacks and their sophistication,” Ciglic said at a European Parliament committee hearing into the use of Pegasus and other spyware earlier today.

Content from our partners
Webinar - Top 3 Ways to Build Security into DevOps
Tech sector is making progress on diversity, but advances must accelerate
How to bolster finance functions and leverage tech to future-proof operational capabilities

Weaponising intelligence is nothing new, says Jamie Moles, a senior technical manager at network detection and response firm ExtraHop. But, he says: “We’ve never really seen it because we’re not told about it. We have never really seen it in the commercial market, which is what NSO is doing.”

The acquisition of the company, therefore, is less about who owns the software, but who has control over the client base, he says. “This feels like an attempt to pull it back into the US Federal business rather than letting it remain a public entity,” he says.

The value of offensive cyber warfare tools is likely to grow

NSO Group has seen its client base shrink since the US blacklisting, despite reportedly being urged by creditors including Swiss bank Credit Suisse to continue selling Pegasus in the face of the international outcry about its use.

Last week, a Spanish judge investigating the use of Pegasus against two politicians reportedly travelled to Israel to interview NSO Group executives.

The continued use of Pegasus and other spyware illustrates a split in the cybersecurity industry, says Justin Fier, VP of tactical risk and response at security company Darktrace.

“Within the cyber industry there are factions that strongly oppose the creation and commercial offering of these powerful tools, and there remains a clear line between organisations providing defensive products and services, and those who offer offensive capabilities to the highest bidder,” he says.

Fier continues: “It is evident that cyber tools [like Pegasus and other spyware] which exploit zero-day vulnerabilities can be extremely valuable to nation-states as well as Big Tech.”

Read more: Spyware threatens both human rights and cybersecurity

Topics in this article: , ,
Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU